How to test Keycloak's Administration REST API

0
votes

how can I test the Keycloak native services

The documentation presents several services such as: users management, customers, groups and sessions, I have tried in many ways to test these services and without success. Perhaps due to the incorrect configuration

I saw an example on Stackoverflow that showed the correct path for services

Eg. http://{address-and-port}/auth/admin/realms/{Realm}/users

And some settings on how to test on the postman, but I did not succeed in invoking

does anyone have an example or can help me how to activate / consume these services.

Thanks!

Services to consume: (Keycloak Admin REST API) https://www.keycloak.org/docs-api/8.0/rest-api/index.html]

2
keycloakkeycloak-services

2 Answers

2
votes

I exported you a Postman Collection: https://pastebin.com/Aaf3BUah you can import it into postman.

But I want to point out, how to use the API:

My example uses a running keycloak instance (8.0.2) on http://localhost:80 with the user admin and the password Pa55w0rd

In consists of 2 requests:

Login:

Login with my admin user and fetch a access-token used in Request 2.

POST http://localhost:80/auth/realms/master/protocol/openid-connect/token
Content-Type:x-www-form-urlencoded

with the following parameters (change username/password)

username:admin
password:Pa55w0rd
grant_type:password
client_id:admin-cli

As a result i will get some data, but important is the access_Token-Bearer:

{
    "access_token": "eyJhbGc...JDjfg", //i reduced the string
...
}

Keep in mind, this token is necessary to execute Request2. But it is only valid for 60 seconds, so be fast while testing :-)

Get all Users:

GET http://localhost:80/auth/admin/realms/master/users
Header  Authorization: Bearer eyJhbGc...JDjfg

Response:

[
    {
        "id": "9fec4b6c-3648-425b-a90f-f6dd78f421ab",
        "createdTimestamp": 1581017581626,
        "username": "admin",
        "enabled": true,
        "totp": false,
        "emailVerified": false,
        "disableableCredentialTypes": [],
        "requiredActions": [],
        "notBefore": 0,
        "access": {
            "manageGroupMembership": true,
            "view": true,
            "mapRoles": true,
            "impersonate": true,
            "manage": true
        }
    }
]

With this example, you should be able to access different REST API endpoints. But make sure you include a valid access_token in every request you send - otherwise you will just get Not Authorized response

1
votes

Here is the full Postman Administration Rest API of keycloak
https://documenter.getpostman.com/view/7294517/SzmfZHnd

It is for keycloak 10 (but work for 11 too - tested)

Open it in postman, adjust environment variables with your keycloak host and params.

You will get a full functionnal keycloak admin rest api.